Skip to main content
In plain terms: Ship designs are among a yard’s most sensitive and valuable assets, and some are defense-related. Forge is built so that sensitive data is processed on your own infrastructure and never leaves the building, and so that no yard can ever see another yard’s work.

Why this is the hardest constraint

An AI is only as good as the data it learns from, which means feeding it a yard’s past designs and contracts. But that data is also the yard’s most valuable and sensitive asset. Sending proprietary hull forms and regulatory details to a shared cloud model is a risk most yards cannot accept. So Forge treats data sensitivity as a versioned policy, not a runtime preference. It is enforced by the system, not left to good intentions.

Four sensitivity classes

Every source and every AI request carries one of four sensitivity classes, and the class decides where it is allowed to be processed:
ClassWhat it coversWhere it can go
PublicReference rule text, public datasets, published papersAny model provider
InternalForge’s own schemas, prompts, evaluationsAny provider
ConfidentialTenant-provided non-defense data, commercial yard recordsLocal (your own infrastructure) by default; external only with explicit redaction and a fidelity check
RestrictedUSCG, ABS, defense-adjacent, IP-worth implementation specificsLocal only. Never external. All outside providers blocked.
Every model call records a policy evaluation: the sensitivity class, where it was routed, whether redaction was applied. A sensitive payload reaching an outside provider against policy is treated as a top-severity incident, the same level as a fabricated result.
“Zero bytes of restricted data crossed the boundary” is something you can check, not just something you hope.

One yard never sees another

Forge serves many yards from the same software, but with rigorous . Each yard sees only its own vessels, drawings, decisions, and outcomes. This isolation is enforced at the database layer, not just in the application code. Even a bug in the application cannot leak data, because the database itself refuses to return rows that do not belong to the current yard. The standard it holds itself to: any hand-crafted attempt to retrieve another yard’s data must fail by construction, no matter who runs it.

Every value traces back to its origin

Forge also keeps full . A clearance value is not just a number; it traces back to the service that computed it, to the CAD model that geometry came from, to the version of that model, to the engineer who committed it. Combined with the cryptographic signature on every decision, this is what makes a Forge decision defensible in front of a regulator, a customer, or a court.